OpenSSL is prone to a remote denial-of-service vulnerability because it fails to properly process certain maliciously crafted S/MIME messages.

An attacker can exploit this vulnerability to crash an application which uses the library, effectively denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.